-
Notifications
You must be signed in to change notification settings - Fork 46
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Annotation-based ignore #267
Labels
Comments
Hi @mrueg, thanks for filing this issue. If I understand correctly, the ask here is to add a rule that would except any resources with a label from a policy that matches one in a If so, I'd welcome a PR to add this to the examples to show what is possible. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
It would be interesting to extend the rego library with support for an annotation-based ignore.
An annotation could look like the following
the logic could then allow to check for annotations on the object to ignore specific policies.
The policies itself should have a variable that allow this behavior, as the default should still be to enforce.
The text was updated successfully, but these errors were encountered: